Estimable

I've got some malware and junk programs that keep coming back. Every day I'll uninstall them with malwarebytes only to have them come back the next day. It's always the same programs too, "BoBrowser", "EyePerform", "I Cinema". What should I do? Thanks in advance.

Estimable

You need to get aggressive utilizing every scanner that exist on the internet to get rid of most of bad stuff as you can. This will take awhile and can break some of your legit programs so you will probably need to reinstall them again. Do this at their exact order from top to bottom:

You may now uninstall all of this programs except for Malwarebytes Anti-Malware (on demand scanner) and HerdProtect Anti-Malware (free auto schedule scan). Can also download Malwarebytes Anti-Exploit Free for extra proactive protection. http/downloads.malwarebytes.org/file/mbae

Now to clean up any damage left by the malware
I recommend you reset all of your browsers to revert any setting that malware could had change to your browsers: http/www.howtogeek.com/171924/how-to-reset-your-web-browser-to-its-default-settings/

You can optionally run Ccleaner after running and uninstalling all the scanners to fix the holes in your registry and delete some trace left behind from malwares.

If you then get a popup error every time you shutdown your computer, you need to repair your Microsoft .Net Framework by going to your uninstall program list and select repair.

If the malware is still persistent after all this, that mean all the scanners are finding the program legit and you will need to kill it yourself. This is risky so have your OS backup disk ready just incase. If you know the company name of the malware try to find it on your computer registry. Click start, search for regedit and click that program. Click Edit and click find and type the company name, and delete the registry it find and keep searching until it can't find anymore.

This long list probably defeat the purpose of just do a full reinstall your OS but oh well at least you get to keep your stuff.

Distinguished

If you pay the 25 bucks and get Malwarebytes licensed, you can have it run in the background real-time like your virus pgm. I have mine running full time along with Microsoft Securities Essentials and have never had a virus or Malware since. (years and years). But man! It has caught a ton of crap on some of the ... let's say, less safe... sites.

And that license allows it to be on any and all machines you have at the same time.

Titan

Distinguished

I've used all of the programs you guys suggested but the malware and programs still came back.

If you're not running Malwarebytes "real time protection" you can expect it to come back the next time you visit the site that you got it from. That's why I said you need to license it so it can run real-time. Like your virus pgm does.

Honorable

You should make sure the PPID and child processes are terminated. you want to use something like Process Monitor to get better details about what is spawning what. It most likely is some type of software or program that you installed that is doing this. If you leave a child processor or parent process not terminated properly they can rebuild whatever process it wants back from its own. Just do some of your own forensics work and figure out what processes look unusual and figure out which ones are spawning off of it. Just note that Malicious code executable s can spawn off of legit process IDS, but do some research and use your best judgement. Also navigate to your %APPDATA% folder and look under your browsers and look at for example your chrome extensions folder. If you have those PUP's saying they are installed in your browser match the ID of that extension in chrome developer mode and remove the folders in chrome if they match. Once you do that run Ccleaner again or you will just have the same folders spawn again from registry once you reboot.

Estimable

Estimable

I've used all of the programs you guys suggested but the malware and programs still came back.

If you're not running Malwarebytes "real time protection" you can expect it to come back the next time you visit the site that you got it from. That's why I said you need to license it so it can run real-time. Like your virus pgm does.

I don't go on the same website though. It installs even when my internet browser isn't open.

Estimable

Firstly Unpin all unwanted program from your taskbar.
Open your Systems Control Panel and delete all suspicious programs that cause annoying pop-up ads.
Open your Windows Task Manager and stop all the unwanted related processes
Delete all add ons from your browser and reset you browsers setting.
Remove all unsuspicious files from your system
Open your systems run box by pressing windows+R
Type regedit command in run box and press OK
Remove all related programs from Registry Editor.
Open your window file search and type %localappdata% into the location bar. Then a file related to BOBrowser occur delete It
Run any other strong antivirus program like Immunet, Avira or avast to remove the rest.

Estimable

You need to get aggressive utilizing every scanner that exist on the internet to get rid of most of bad stuff as you can. This will take awhile and can break some of your legit programs so you will probably need to reinstall them again. Do this at their exact order from top to bottom:

You may now uninstall all of this programs except for Malwarebytes Anti-Malware (on demand scanner) and HerdProtect Anti-Malware (free auto schedule scan). Can also download Malwarebytes Anti-Exploit Free for extra proactive protection. http/downloads.malwarebytes.org/file/mbae

Now to clean up any damage left by the malware
I recommend you reset all of your browsers to revert any setting that malware could had change to your browsers: http/www.howtogeek.com/171924/how-to-reset-your-web-browser-to-its-default-settings/

You can optionally run Ccleaner after running and uninstalling all the scanners to fix the holes in your registry and delete some trace left behind from malwares.

If you then get a popup error every time you shutdown your computer, you need to repair your Microsoft .Net Framework by going to your uninstall program list and select repair.

If the malware is still persistent after all this, that mean all the scanners are finding the program legit and you will need to kill it yourself. This is risky so have your OS backup disk ready just incase. If you know the company name of the malware try to find it on your computer registry. Click start, search for regedit and click that program. Click Edit and click find and type the company name, and delete the registry it find and keep searching until it can't find anymore.

This long list probably defeat the purpose of just do a full reinstall your OS but oh well at least you get to keep your stuff.

Share this page

About us

Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.